On Fri, Feb 13, 2015 at 06:16:48PM +0100, Pavel Reichl wrote:
>
> On 02/13/2015 05:27 PM, Jakub Hrozek wrote:
> >On Thu, Feb 12, 2015 at 04:29:31PM +0100, Pavel Reichl wrote:
> >>On 01/28/2015 09:29 AM, Pavel Reichl wrote:
> >>>On 01/27/2015 08:35 PM, Jakub Hrozek wrote:
> >>>> */
> >>>> if (getuid() != 0) {
> >>>>- setuid(0);
> >>>>+ errno = 0;
> >>>I don't think we need to null errno in this case
> >>>>+ ret = setuid(0);
> >>>>+ if (ret == -1) {
> >>>>+ ret = errno;
> >>>>+ DEBUG(SSSDBG_CRIT_FAILURE,
> >>>>+ "setuid failed: %d, selinux_child might not work!\n",
> >>>>ret);
> >>>>+ }
> >>>> }
> >>>> if (getgid() != 0) {
> >>>>- setgid(0);
> >>>>+ errno = 0;
> >>>same here
> >>>>+ ret = setgid(0);
> >>>>+ if (ret == -1) {
> >>>>+ ret = errno;
> >>>>+ DEBUG(SSSDBG_CRIT_FAILURE,
> >>>>+ "setgid failed: %d, selinux_child might not work!\n",
> >>>>ret);
> >>>>+ }
> >>>> }
> >>>Patch looks good to me. I have just a nitpick about nulling errno.
> >>>
> >>>After applying the patch clang-analyser no longer reports the warnings.
> >>>_______________________________________________
> >>>sssd-devel mailing list
> >>>sssd-devel@lists.fedorahosted.org
> >>>https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
> >>Jakub feel free to push the patch without fixing the nitpicks.
> >No need to, I simply forgot about the patch :-)
> >
> >sorry, new version attached.
> >
> Thanks. ACK.
>
> clang-analyzer didn't report any other problems in selinux_child.c
>
> http://sssd-ci.duckdns.org/logs/job/7/34/summary.html
* master: b0f46a3019e0ff4f375ef07682ceb9418751707f
* sssd-1-12: dc13b1aff629b0271eb6b75a9f3bdb43c9767093
_______________________________________________
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
